Your keys can be memorized, set in paper or metal and never touch a signing device/hww, it's true.

But how would you safely sign transactions using that knowledge if not through a device like this?

I'm not going to enter my private key into an Internet connected device in order to broadcast a transaction, that's for sure.